Collection and analysis of logs. Prioritization of information security events. Investigation of incidents. User Behavioral Analysis.
IBM QRadar, UBA, Watson.
Collection and analysis of 1.3 TB of logs per day. Prioritize all information security events. The threat response time has been reduced from 5 hours to 10 minutes. The time to investigate incidents decreased from 6 days to 4 hours. Behavioral analysis of all employees for risks to the company and infrastructure. All events from different sources of information are now in one interface.
Vulnerability Management. Inventory of IT assets. Investigation of incidents. Reporting to management and regulators.
24/7 visibility of vulnerabilities across the entire network. Inventory of all IT assets, certificates and licenses. Automatic reporting of closed vulnerabilities and the current state of the infrastructure. Monitoring and compliance with regulatory requirements. Equipment settings according to world standards GDPR, PCI DSS, ISO.
Vulnerability visibility on the network 24/7. Vulnerabilities prioritized from most critical to less important. Remediation and patching guidance for each vulnerability found, which reduces the incident closure time to 2 hours. The time for preparing a report for the regulator and top management was reduced to 1 hour, which saves IS employees 1 business day. An inventory of IT assets and licenses increased the productivity of procurement and IT staff by 4 times. Investigation of incidents was reduced to 2.5 hours.
Publication of confidential company data on social networks; leakage of your corporate or personal data.
using its own accounts and access, collects information according to the criteria specified by the customer and produces a report.
unreliable employees found in companies.
Thunder NSI solution and implemented cases
using a cloud platform, it takes care of all the DNS queries, analyzes them and sends only trusted queries to the client’s network.
300K+ threats blocked, fewer calls to the support service, a “Big Data” database of 2B+ data points created, and caching speed increased to 90%.
a wide variety of network devices.
What do system administrators, database administrators, remote programmers do on your system? Who controls them? What actions led to data loss, inaccessibility of resources?
monitors and controls the actions of privileged users of your network.
differentiation of access by device groups, access and action control, working hours, and prohibition of critical commands: all this increased the level of discipline among privileged users and reduced incidents caused by a negligent attitude to work.
variety of network equipment in the market.
network equipment from one manufacturer.
reduction of equipment setup time.
one of the leaders of DLP solutions (Data Loss Prevention).
monitors and analyzes all passing user data and identifies leaks or possible risk data.
today, simply receiving a video image is not enough to respond quickly to threats.
allows you to process large amounts of video data and protect the site by responding quickly to threats.
The speed of response to incidents has increased significantly, and most importantly, the quality of incident detection has increased. Previously, the percentage of unreliable visitors identified was 34%; after the introduction of the system it increased to 72%.
almost 80% of resource-constrained (human and financial) enterprises can only afford to deploy antivirus and firewalls.
allows you to protect yourself from the following threats using the cloud platform: insiders, poor cyber hygiene, malware, fileless attacks, APT, lateral movement, privileged user abuse and suspicious behavior, and includes vulnerability management.
this solution was implemented at a major automobile concern in Poland.
protection costs decreased almost 1.4 times over 3 years, and the client received a single point of protection from attacks, no need to train company specialists in different solutions, and 24/7 support.
use by employees of unapproved software at workplaces, loss of mobile devices with service information.
Allows centralized management of corporate devices for security, support and business device management.
this solution was implemented in LifeCell UA.
loss of confidential information was minimized, the policy of installed software was regulated.
Network Security (NGFW, VPN, Sandbox, Endpoint Security). SCADA Security, Complete Network Vision: Threat Identification and Reflection.
Database Encryption. Data on file servers, application encryption. Manage and store encryption keys.
A system of simulation traps with full copying and the addition of all types of nodes of the IT infrastructure.